Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12208
HistoryJun 16, 2021 - 12:00 a.m.

KLA12208 Multiple vulnerabilities in Cisco Jabber

2021-06-1600:00:00
Kaspersky Lab
threats.kaspersky.com
7

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON

Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Cisco Jabber for Windows can be exploited remotely via special crafted messages to obtain sensitive information.
  2. A denial of service vulnerability in Cisco Jabber can be exploited remotely via special crafted messages to cause denial of service.

Original advisories

Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Related products

Cisco-Jabber

CVE list

CVE-2021-1569 high

CVE-2021-1570 high

Solution

Update to the latest version

Download Cisco Jabber

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Cisco Jabber earlier than 14.0.1

Related

nessus 2
cisco 1
prion 2
nvd 2
cve 2
cvelist 2
threatpost 1
nessus
nessus
Cisco Jabber for Windows < 14.0.1 Multiple Vulnerabilities (cisco-sa-jabber-GuC5mLwG)
2021-06-18 00:00:00
Cisco Jabber for Mac < 14.0.1 DoS (cisco-sa-jabber-GuC5mLwG)
2021-06-18 00:00:00
cisco
cisco
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
2021-06-16 16:00:00
prion
prion
Design/Logic Flaw
2021-06-16 18:15:00
Design/Logic Flaw
2021-06-16 18:15:00
nvd
nvd
CVE-2021-1570
2021-06-16 18:15:09
CVE-2021-1569
2021-06-16 18:15:09
cve
cve
CVE-2021-1570
2021-06-16 18:15:09
CVE-2021-1569
2021-06-16 18:15:09
cvelist
cvelist
CVE-2021-1570 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
2021-06-16 00:00:00
CVE-2021-1569 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
2021-06-16 00:00:00
threatpost
threatpost
Cisco Smart Switches Riddled with Security Holes
2021-06-17 19:30:46

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON
Related for KLA12208
nessus2cisco1prion2nvd2cve2cvelist2threatpost1